Preparing to display OpenText Core SCA (Debricked) results

You can view open source security data from OpenText Core SCA on the AUDIT or OPEN SOURCE pages in Application Security. To do so, you must first download and install the required parser plugin. After you do, the uploaded open source analysis results are visible.

To prepare Application Security to display OpenText Core SCA data:

1. In a browser, go to https://github.com/fortify/fortify-ssc-parser-debricked-cyclonedx/releases.

2. Click Assets, and then select the latest version of the parser to download it.

   At the time of writing, the latest version is fortify-ssc-23.2+-parser-debricked-cyclonedx-1.2.0.zip.

3. Extract the contents of the downloaded ZIP file to a local directory.
4. Sign in to Application Security as an Administrator.
5. On the header, select Administration.

6. On the navigation pane, expand Plugins, and then select Parser Plugins.

7. On the Parsers page, click NEW.

8. To accept the risk of uploading the plugin, click OK.

9. In the UPLOAD PLUGIN BUNDLE dialog box, click BROWSE, and then select the extracted JAR file.

10. In the UPLOAD PLUGIN BUNDLE dialog box, click START UPLOAD.

    The Parsers page now lists the OpenText Core SCA parser plugin.

11. After the upload is complete, expand the row for the OpenText Core SCA parser plugin, and then click ENABLE.
12. To accept the enable plugin warning message, click OK.

See Also

Uploading scan artifacts

Viewing open source data